Verifying instant messaging aliases via online parental control accounts, without disclosing identity to unverified parties

ABSTRACT

A parental control system is used to verify the identity of parents, based on children&#39;s instant messaging aliases. A plurality of verified parental accounts is maintained, each of which includes the identity of the parents and their children, including the children&#39;s instant messaging aliases. When a first child wishes to electronically communicate with a second child, s/he makes a request which includes the second child&#39;s alias and additional information identifying the target party. Only if an account containing the alias is found and the additional information can be verified, an identity verification request is transmitted, disclosing the identity of the first child&#39;s parents, and requesting reciprocal identity verification. Only if the second child&#39;s parents disclose their identity is the instant messaging between the children permitted.

RELATED APPLICATIONS

This application is related to patent application Ser. No. 12/118,621 titled “Verifying Instant Messaging Aliases via Online Parental Control Accounts,” filed on May 9, 2008 and having the same assignee (the “Parental Verification Application”).

TECHNICAL FIELD

This invention pertains generally to instant messaging, and more specifically to enabling parents to verify the identity of their children's instant messaging friends using online parental control accounts, without having to disclose their own identities to unverified parties.

BACKGROUND

Instant messaging (“IM”) between children is very popular today. Although IM can be a great vehicle for children to establish and maintain friendships, it also puts children at risk for exposure to bad influences and even electronic predators. Because the communication is electronic in nature, it is easy for people to pretend to be who they are not, and very hard for parents to keep track of with whom their children are communicating.

Online-based parental control systems exist today. A key aspect of online parental control is the ability for parents to control with whom a child communicates online. Such systems enable parents to require that children receive permission to add friends to the list of parties with whom they can communicate. Unfortunately, even with such commercially available online-based parental control systems, the only mechanism parents have for actually determining the true identities of their child's IM buddies is to ask their child. The response of children is not reliable in this context, as children can be dishonest or themselves the victims of other's dishonesty. Without being able to determine with whom their children are really requesting permission to communicate, the power to approve or deny the requests is not sufficient. A substantive mechanism to verify the identity behind an IM alias before a child is granted permission to communicate would be desirable.

The related Parental Verification Application discloses methodology according to which an online-based parental control system is used to verify the identity of children and their parents, based on children's instant messaging aliases. This way, a child's instant messaging buddies can be limited to children whose parents have been securely identified. More specifically, the online-based parental control system maintains a plurality of verified parental accounts, each of which includes the identity of the parents and their children, including the children's instant messaging aliases. When a first child wishes to electronically communicate with a second child, the first child makes a request which includes the second child's instant messaging alias. The system searches the plurality of parental accounts for one containing the second child's alias. If the alias is not found, instant messaging between the children is not allowed. If a parental account containing the alias is found, an identity verification request is transmitted to the parents of the second child. The identity verification request discloses the identity of the first child's parents, and requests reciprocal verification of the identity of the parents of the second child. Only if the second child's parents respond by disclosing their identity is the instant messaging between the children permitted.

The subject matter of the Parental Verification Application represents a big step forward in the provision of security in the IM context. However, in the methodology disclosed therein, the first child's parents need to disclose their own identify to the second child's parents, before the identity of the second child's parents has been confirmed. In other words, the first child's parents are required to disclose their identity to an unknown third party in order to confirm the identity of their child's potential IM buddy. It would be desirable to eliminate this shortcoming.

SUMMARY

An online-based parental control system is used to verify the identity of children and their parents, based on children's instant messaging aliases. This way, a child's instant messaging buddies can be limited children whose parents have been securely identified, in such a way that neither parent has to disclose their identity to an unknown party. More specifically, the online-based parental control system maintains a plurality of verified parental accounts, each of which includes the identity of the parents and their children, including the children's instant messaging aliases. When a first child wishes to electronically communicate with a second child, the first child makes a request which includes the second child's instant messaging alias, and additional information identifying the second child's parents. The system searches the plurality of parental accounts for one containing the second child's alias. If the alias is not found, instant messaging between the children is not allowed. If a parental account containing the alias is found, the system attempts to verify the additional information provided in the request. If this information cannot be verified, instant messaging between the children is not allowed. Only if the additional information can be confirmed, an identity verification request is transmitted to the parents of the second child. The identity verification request discloses the identity of the first child's parents, and requests reciprocal verification of the identity of the parents of the second child. Only if the second child's parents respond by disclosing their identity is the instant messaging between the children permitted.

The features and advantages described in this summary and in the following detailed description are not all-inclusive, and particularly, many additional features and advantages will be apparent to one of ordinary skill in the relevant art in view of the drawings, specification, and claims hereof. Moreover, it should be noted that the language used in the specification has been principally selected for readability and instructional purposes, and may not have been selected to delineate or circumscribe the inventive subject matter, resort to the claims being necessary to determine such inventive subject matter.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram illustrating a system for verifying the identity of children's IM friends, without having to disclose their own identities to unverified parties, according to some embodiments of the present invention.

FIG. 2 is a flowchart illustrating steps for Verifying the identity of children's IM friends, without having to disclose their own identities to unverified parties, according to some embodiments of the present invention.

FIG. 3 is a block diagram illustrating community management component which enables an account owner to create trust connections, according to some embodiments of the present invention.

The Figures depict embodiments of the present invention for purposes of illustration only. One skilled in the art will readily recognize from the following discussion that alternative embodiments of the structures and methods illustrated herein may be employed without departing from the principles of the invention described herein.

DETAILED DESCRIPTION

FIG. 1 illustrates a system for enabling parents 107 to verify the identity of their children's 103 IM friends using online parental control accounts 113, without having to disclose their own identities to unverified parties, according to some embodiments of the present invention. It is to be understood that although various components are illustrated in FIG. 1 as separate entities, each illustrated component represents collection of functionalities which can be implemented as software, hardware, firmware or any combination of these. Where a component is implemented as software, it can be implemented as a standalone program, but can also be implemented in other ways, for example as part of a larger program, as a plurality of separate programs, as a kernel loadable module, as one or more device drivers or as one or more statically or dynamically linked libraries.

As illustrated in FIG. 1, aspects of the present invention are built on top an online-based parental control system 101. Such a 101 system provides both parental control enforcement at the user computer level, parental control management via the Web, and workflow management to allow children 103 request permission to communicate with specific IM aliases 109. As part of such systems 101, participating parents 107 create online accounts 113, verified by credit card or other concrete real world mechanisms, and specify their children's IM aliases 109.

As illustrated, a child 103 (e.g., “Jon”) can issue a request 105 to his parents 107 to communicate with another child 103 (e.g., “Jane”). The request 105 includes the IM alias 109 of the child 103 with whom the requesting child 103 wishes to communicate (in this example, Jon's request 105 includes Jane's alias 109). The request 105 also includes some additional information 102 concerning the target party (e.g., Jane's street address, Jane's father's cell phone number, etc.) Based on the request 105, an IM alias search component 111 searches the parental accounts 113 on the parental control system 101 for Jane's IM alias 109. In one embodiment, Jon's parents 107 approve the request 105 to initiate the search, whereas in another, the search executes automatically responsive to the request 105. In either case, if a parental account 113 containing Jane's alias 109 is found, the search component 111 identifies the parental account 113 with which the alias 109 is associated (i.e., the account 113 maintained by Jane's parents 107). In other words, the IM alias search component 111 determines whether a particular alias 109 can be verified through a corresponding parental account 113, and if so which parental account 113.

If Jane's IM alias 109 is not found, then the search component 111 sends a notification 117 to Jon's parents 107 indicating that Jane's identity cannot be verified, and IM communication between Jon and Jane is not allowed. In one embodiment, in order to prevent probing attacks, the sending party (e.g., Jon's parents 107) are not notified when a target child's IM alias 109 (e.g., Jane's alias 109) cannot be verified. In any case, if Jane's IM alias 109 is found, a verification component 104 attempts to verify the additional information 102 provided in the request 105: For example, if the additional information 102 comprises Jane's street address, the verification component 104 checks the validated home address in the corresponding parental account 113, and determines whether it matches the one provided by Jon in the request 105.

In some embodiments, the additional information 102 is in the form of data that can be checked against the validated data corresponding parental account 113 as described above (i.e., any information about the target child 103 or his/her parents 107 that is kept in parental accounts 113, such as full names, addresses, phone numbers, etc.). In other embodiments, the verification of the additional information 102 can be through a trusted third party identity provider 106. For example, rather than providing Jane's home address in the request 105, Jon could provide the fact that Jane is a student at a specific high school, and a member of that high school's lacrosse team. Assuming that a trusted third party 106 exists to verify these things, the verification component 104 can verify the additional information 102 provided by Jon with that third party 106, rather than by checking the appropriate parental account 113, which would not typically contain such data.

Only once the additional information 102 has been verified, an identity verification request component 119 transmits a verification request 115 from Jon's parents 107 to Jane's parents 107, typically using the workflow management functionality of the parental control system 101. The parental control system 101 displays the verification request 115 to the target account's 113 owner (i.e., Jane's parents 107). The verification request 115 informs Jane's parents 107 that Jon is requesting to IM with their child Jane. This notification discloses the identity of Jon's parents 107 and their relationship to Jon (as verified by the credit card associated with the account 113), and requests the reciprocal Verification of the identity of Jane's parents 107 (again, as, verified on the account) and the confirmation of Jane's status as their child 103.

By only sending the verification request 115 to Jane's parents after their verification of the additional information 102, Jon's parents 107 do not disclose their identity to an unknown party. This ensures that Jon's family's identity information is only disclosed to Jane's parents once they are known to actually be who Jon says they are. In one embodiment, to provide the highest security, the sending party (e.g., Jon's parents 107) are not told whether their verification request 115 was sent (i.e., the sending party is not informed as to whether or not the target party could be verified). This avoids probing attacks, and therefore ensures that neither Jon's parents 107 nor Jane's parents 107 are required to disclose their identity except to a party whose identity has been validated. In another embodiment, if the additional information 102 concerning the target party cannot be verified, a notification 117 is sent to the parents 107 of the requesting party.

Based on the information in the verification request 115, Jane's parents 107 may choose whether or not to respond, and by extension whether or not to allow Jane to IM with Jon. If Jane's parents 107 decide not to send a response 123 to the verification request 115 (or send response indicating that they decline to disclose their identity), Jon and Jane are not allowed to engage in IM communication. Under such circumstances, in some embodiments, Jon's parents 107 receive a notification 117 indicating that their identity verification request 115 has been rejected.

On the other hand, to allow the children 103 to communicate, Jane's parents 107 send a reply 123 to the identity verification request 115, providing their identity to Jon's parents 107. If they choose to do this, an identity verification response component 121 uses the workflow management functionality of the parental control system 101 to send the response 123 to the verification request 115 back to Jon's parents 107. The response 123 includes the identities of Jane's parents 107, and confirms that Jane is their child 103. In some embodiments, once this response 123 has been received, the parental control system 101 automatically allows IM communication between the two children 103. In other embodiments, the originating party (e.g., Jon's parents 107) reviews the response 123, and then transmits an indication 127 to the parental control system 101 as to whether or not to allow the communication.

It is to be understood that what information 102 is considered sufficient for verification of the identity of a target party prior to sending a request 115 is a variable design parameter. In some embodiments, the information 102 provided by the requesting child 103 (e.g., Jon) is presented to his/her parents 107, who can view the provided information 102 and decided whether or not to initiate the verification process. It is to be further understood that in various embodiments, minor variations in spelling, addresses (e.g., Maple Street instead of Maple Avenue), etc., in the child 103 provided information 102 are either considered to be within an acceptable margin of error, or are subject to additional confirmation rather than being classified as incorrect/unverifiable. How much and what variation(s) to accept are design parameters.

FIG. 2 is a flowchart illustrating steps for performing the workflow to practice certain embodiments of the present invention. As illustrated in FIG. 2, a first child 103 makes 201 a request 105 to his parents 107 to communicate with a second child 103. The request 105 includes the second child's IM alias 109, and additional information 102 concerning the target party (e.g., the second child 103 and/or the second child's parents 107). Responsive to the request 105, the search component 111 searches 203 the parental accounts 113 for an account 113 that includes the IM alias 109 of the second child 103. If no account containing the second child's IM alias 109 is located, a notification 117 is transmitted 205 to the parent's 107 of the first child 103, indicating that the identity of the second child 103 cannot be verified. In this case, IM communication between the children 103 is not allowed 213.

On the other hand, if a parental account 113 containing the second child's IM alias 109 is found, the verification component 104 attempts to verify 206 the additional information 102 provided in the request 105. If the additional information 102 cannot be verified, notification 117 is sent to the parents 107 of the first child 103, and IM communication between the children 103 is not allowed 213. On the other hand, if the additional information 102 is verified, the identity verification request component 119 transmits 207 a verification request 115 from the parents 107 of the first child 103 to the second child's parents 107. The identity verification request 115 contains the identity of the first child's parents 107, and indicates that the first child 103 is requesting to communicate with the second child 103.

Responsive to the identity verification request 115, the parents 107 of the second child 103 can send 209 a response 123 containing their identities, in which case the first and second child 103 are allowed 211 to communicate. The second child's parents 107 can instead elect not to disclose their identities, in which case communication between the children is not allowed 213.

Turning now to FIG. 3, in some embodiments of the present invention, a community management component 301 enables an account 113 owner (i.e., a parent 107) to create trust connections 303 with other account 113 owners on the system 101. In such embodiments, a parent can effectively choose to skip the workflow in which the target party's identity is confirmed before the identity verification request 115 is transmitted. Parents 107 can skip this verification step with those whom they have already identified as being trusted members of their community. For example, a parent 107 might wish to specify that it is okay to disclose his/her identity to certain trusted parties or groups (e.g., parents 107 of students in child's school. members of Church, etc.) In other words, by establishing defined trust relationships 303 with family members, friends and other parties on the system 101, parent 107 can indicate that it is not required to confirm the identities of such parties before disclosing their own identities by sending a request 115.

The present specification, discusses embodiments of the present invention using the examples of parents 107 governing the IM activities of their children 103. The terms parents 107 and children 103 as used herein are not limited to that specific literal relationship, but can encompass any two parties in which one party is responsible for controlling the electronic communication of the other (e.g., teachers and students, counselors and charges, employers and employees, etc.). Additionally, the electronic communication being governed is not limited to IM activity, but in other embodiments can comprise other formats, such as electronic chatting, e-mailing, etc.

As will be understood by those familiar with the art, the invention may be embodied in other specific forms without departing from the spirit or essential characteristics thereof. Likewise, the particular naming and division, of the portions, modules, agents, managers, components, functions, procedures, actions, layers, features, attributes, methodologies and other aspects are not mandatory or significant, and the mechanisms that implement the invention or its features may have different names, divisions and/or formats. Furthermore, as will be apparent to one of ordinary skill in the relevant art, the portions, modules, agents, managers, components, functions, procedures, actions, layers, features, attributes, methodologies and other aspects of the invention can be implemented as software, hardware, firmware or any combination of the three. Wherever a component of the present invention is implemented as software, the component can be implemented as a script, as a standalone program, as part of larger program, as a plurality of separate scripts and/or programs, as a statically or dynamically linked library, as a kernel loadable module, as a device driver, and/or in every and any other way known now or in the future to those of skill in the art of computer programming. Additionally, the present invention is in no way limited to implementation in any specific programming language, or for any specific operating system or environment. Furthermore, it will be readily apparent to those of ordinary skill in the relevant art that where the present invention is implemented in whole or in part in software, the software components thereof can be stored on computer readable media as computer program products. Any form of computer readable medium can be used in this context, such as magnetic or optical storage media. Additionally, software portions of the present invention can be instantiated (for example as object code or executable images) within the memory of any computing device. Accordingly, the disclosure of the present invention is intended to be illustrative, but not limiting, of the scope of the invention, which is set forth in the following claims. 

1. A machine implemented method for verifying identities of parties for electronic communication, the method comprising the steps of: maintaining, by at least one computer, a plurality of verified parental accounts, each verified parental account comprising at least a verified identity of at least one parent and at least one electronic communication alias of at least one associated child account; receiving, by the at least one computer, a request from a first child account to an associated parent account to allow electronic communication with a second child account, the request comprising at least an electronic communication alias associated with the second child account and additional information concerning a target party, the additional information comprising validated personal data concerning a second child; searching, by the at least one computer, the plurality of parental accounts for the electronic communication alias associated with the second child account; attempting to verify, by the at least one computer, the additional information concerning the target party; transmitting, by the at least one computer, an identity verification request to a parent account associated with the second child account, the identity verification request disclosing the identity of the parent associated with the first child account, and requesting reciprocal verification of the identity of the parent associated with the second child account; and at least partially responsive to results of the searching step and the attempting to verify step, determining, by the at least one computer, whether to allow electronic communication between the first child account and the second child account.
 2. The method of claim 1 further comprising: responsive to finding a parental account containing the electronic communication alias associated with the second child account and verifying the additional information concerning the target party, transmitting, by the at least one computer, the identity verification request to the parent account associated with the second child account, the identity verification request disclosing the identity of the parent associated with the first child account, and requesting reciprocal verification of the identity of the parent associated with the second child account.
 3. The method of claim 2 further comprising: receiving, by the at least one computer, a response to the identity verification request from the parent account associated with the second child account, the response disclosing the identity of the parent associated with the second child account.
 4. The method of claim 3 further comprising: transmitting, by the at least one computer, the received response to the identity verification request to the parent account associated with the first child account; and allowing, by the at least one computer, electronic communication between the first child account and the second child account.
 5. The method of claim 2 further comprising: not allowing, by the at least one computer, electronic communication between the first child account and the second child account, responsive to a condition from a group of conditions consisting of: 1) not receiving a response to the identity verification request from the parent account associated with the second child account, 2) receiving a response to the identity verification request from the parent account associated with the second child account, the response indicating that the parent associated with the second child account elects not to disclose their identity.
 6. The method of claim 5 further comprising: transmitting, by the at least one computer, a notification to the parent account associated with the first child account, the notification indicating that the parent associated with the second child account has not disclosed their identity.
 7. The method of claim 1 wherein electronic communication comprises at least one type of electronic communication from a group consisting of: instant messaging; electronic chatting; and electronic mail.
 8. The method of claim 1 further comprising: receiving, by the at least one computer, an identification of at least one trusted party from a parent account; receiving, by the at least one computer, a request from a first child account associated with the parent account to allow electronic communication with a second child account; determining, by the at least one computer, that the second child account is associated with a party identified as being trusted by the parent account; and transmitting, by the at least one computer, the identity verification request to the parent account associated with the second child account without verifying the additional information concerning the target party.
 9. The method of claim 1 wherein the additional information comprising validated personal data concerning the second child further comprises validated personal data concerning a parent of the second child.
 10. At least one non-transitory computer readable storage medium storing a computer program product for verifying identities of parties for electronic communication, the computer program product comprising: program code for maintaining a plurality of verified parental accounts, each verified parental account comprising at least a verified identity of at least one parent and at least one electronic communication alias of at least one associated child account; program code for receiving a request from a first child account to an associated parent account to allow electronic communication with a second child account, the request comprising at least an electronic communication alias associated with the second child account and additional information concerning a target party, the additional information comprising validated personal data concerning a second child; program code for searching the plurality of parental accounts for the electronic communication alias associated with the second child account; program code for attempting to verify the additional information concerning the target party; program code for transmitting an identity verification request to a parent account associated with the second child account, the identity verification request disclosing the identity of the parent associated with the first child account, and requesting reciprocal verification of the identity of the parent associated with the second child account; and program code for at least partially responsive to results of the searching step and the attempting to verify step, determining whether to allow electronic communication between the first child account and the second child account.
 11. The computer program product of claim 10 further comprising: program code for, responsive to finding a parental account containing the electronic communication alias associated with the second child account and verifying the additional information concerning the target party, transmitting the identity verification request to the parent account associated with the second child account, the identity verification request disclosing the identity of the parent associated with the first child account, and requesting reciprocal verification of the identity of the parent associated with the second child account.
 12. The computer program product of claim 11 further comprising: program code for receiving a response to the identity verification request from the parent account associated with the second child account, the response disclosing the identity of the parent associated with the second child account.
 13. The computer program product of claim 12 further comprising: program code for transmitting the received response to the identity verification request to the parent account associated with the first child account; and program code for allowing electronic communication between the first child account and the second child account.
 14. The computer program product of claim 12 further comprising: program code for transmitting the received response to the identity verification request to the parent account associated with the first child account; and program code for, only in response to receiving an approval from the parent account associated with the first child account, allowing electronic communication between the first child account and the second child account.
 15. The computer program product of claim 11 further comprising: program code for not allowing electronic communication between the first child account and the second child account, responsive to a condition from a group of conditions consisting of: 1) not receiving a response to the identity verification request from the parent account associated with the second child account, 2) receiving a response to the identity verification request from the parent account associated with the second child account, the response indicating that the parent associated with the second child account elects not to disclose their identity.
 16. The computer program product of claim 15 further comprising: program code for transmitting a notification to the parent account associated with the first child account, the notification indicating that the parent associated with the second child account has not disclosed their identity.
 17. The computer program product of claim 10 further comprising: program code for receiving an identification of at least one trusted party from a parent account; program code for receiving a request from a first child account associated with the parent account to allow electronic communication with a second child account; program code for determining that the second child account is associated with a party identified as being trusted by the parent account; and program code for transmitting the identity verification request to the parent account associated with the second child account without verifying the additional information concerning the target party.
 18. The computer program product of claim 11 wherein the program code for verifying the additional information concerning the target party further comprises program code for performing at least one step from a group of steps consisting of: verifying the additional information in the parental account containing the electronic communication alias associated with the second child account; and verifying the additional information with at least one trusted third party information provider.
 19. The computer program product of claim 10 further comprising program code for performing at least one additional step from a group of steps consisting of: responsive to not verifying the additional information concerning the target party, not permitting electronic communication between the first child account and the second child account; and responsive to not verifying the additional information concerning the target party, transmitting an electronic notification to the parent account associated with the first child account, the electronic notification indicating the additional information concerning the target party could not be verified.
 20. The computer program product of claim 10 wherein the additional information comprising validated personal data concerning the second child further comprises validated personal data concerning a parent of the second child. 